async def add(uname: str,
password: str,
mail: str,
reg_ip: str = '',
uid: int = None,
priv: int = builtin.DEFAULT_PRIV,
**kwargs):
# Add a user.
validator.check_uname(uname)
# TODO: Filter name by keywords
validator.check_password(password)
validator.check_mail(mail)
uname_lower = uname.strip().lower()
mail_lower = mail.strip().lower()
if not uid:
uid = await system.inc_user_counter()
for user in builtin.USERS:
if user['_id'] == uid or user['uname_lower'] == uname_lower or user[
'mail_lower'] == mail_lower:
raise error.UserAlreadyExistError(uname)
salt = pwhash.gen_salt()
coll = db.Collection('user')
try:
return (await coll.insert_one({
'_id':
uid,
'uname':
uname,
'uname_lower':
uname_lower,
'mail':
mail,
'mail_lower':
mail_lower,
'salt':
salt,
'hash':
pwhash.hash_password(password, salt),
'reg_at':
datetime.datetime.utcnow(),
'reg_ip':
reg_ip,
'priv':
priv,
'login_at':
datetime.datetime.utcnow(),
'login_ip':
reg_ip,
'gravatar':
mail,
**kwargs
})).inserted_id
except errors.DuplicateKeyError:
raise error.UserAlreadyExistError(uid, uname, mail) from None
async def post(self, *, mail: str):
validator.check_mail(mail)
if await user.get_by_mail(mail):
raise error.UserAlreadyExistError(mail)
rid, _ = await token.add(token.TYPE_REGISTRATION,
options.options.registration_token_expire_seconds,
mail=mail)
await self.send_mail(mail, 'Sign Up', 'user_register_mail.html',
url=self.reverse_url('user_register_with_code', code=rid))
self.render('user_register_mail_sent.html')
async def get(self, *, code: str):
tdoc = await token.get(code, token.TYPE_CHANGEMAIL)
if not tdoc or tdoc['uid'] != self.user['_id']:
raise error.InvalidTokenError(token.TYPE_CHANGEMAIL, code)
mail_holder_udoc = await user.get_by_mail(tdoc['mail'])
if mail_holder_udoc:
raise error.UserAlreadyExistError(tdoc['mail'])
# TODO: Ensure mail is unique
await user.set_mail(self.user['_id'], tdoc['mail'])
await token.delete(code, token.TYPE_CHANGEMAIL)
self.json_or_redirect(self.reverse_url('home_security'))
async def post(self, *, code: str, uname: str, password: str, verify_password: str):
validator.check_uname(uname)
doc = await token.get(code, token.TYPE_REGISTRATION)
if not doc:
raise error.InvalidTokenError(token.TYPE_REGISTRATION, code)
if re.fullmatch(r'^team\d+$', uname) or await user.get_by_uname(uname):
raise error.UserAlreadyExistError(uname)
if password != verify_password:
raise error.VerifyPasswordError()
uid = await user.add(uname, password, doc['mail'], self.remote_ip)
await domain.set_user_role(builtin.DOMAIN_ID_SYSTEM, uid, builtin.ROLE_DEFAULT)
await token.delete(code, token.TYPE_REGISTRATION)
await self.update_session(new_saved=False, uid=uid)
self.json_or_redirect(self.reverse_url('domain_main'))
async def post_change_mail(self, *, current_password: str, mail: str):
validator.check_mail(mail)
udoc, mail_holder_udoc = await asyncio.gather(
user.check_password_by_uid(self.user['_id'], current_password),
user.get_by_mail(mail))
# TODO: raise other errors.
if not udoc:
raise error.CurrentPasswordError(self.user['uname'])
if mail_holder_udoc:
raise error.UserAlreadyExistError(mail)
rid, _ = await token.add(
token.TYPE_CHANGEMAIL,
options.options.changemail_token_expire_seconds,
uid=udoc['_id'],
mail=mail)
await self.send_mail(mail,
'Change Email',
'user_changemail_mail.html',
url=self.reverse_url('user_changemail_with_code',
code=rid),
uname=udoc['uname'])
self.render('user_changemail_mail_sent.html')